perl i suid/sgid
Pepe
pepe w apollo.net.pl
Pon, 22 Lip 2002, 15:16:29 CEST
On Mon, 22 Jul 2002 14:54:18 +0200 (CEST)
Tomasz Kłoczko <kloczek w rudy.mif.pg.gda.pl> wrote:
> No to pozostaje juz tylko przejzrenie zmian jakie zostały wykonane od rel
> 40.
>
> $ cvs up perl.spec; cvs diff -u -r perl-5_6_1-40 perl.spec | less
Troche dużo tych zmian.
>
> przyjrzyj się temu bo może wypadły jakeiś pliki które są ważne dla skryptu
> jaki uruchamiasz.
>
> Po za tym próba uruchomienia samwgo skryptu powinna jednak też pokzać coś
> na temat istoty błędu.
Totalny brak błędów.
Jeszcze jedna dziwna rzecz, po zmianie #!/usr/bin/perl na #!/usr/bin/suidperl
[root w ns1 root]# /home/httpd/cgi-bin/neomail.pl
Permission denied.
Jeszcze wynik strace.
[root w ns1 root]# strace /home/httpd/cgi-bin/neomail.pl
execve("/home/httpd/cgi-bin/neomail.pl", ["/home/httpd/cgi-bin/neomail.pl"], [/* 21 vars */]) = 0
uname({sys="Linux", node="ns1", ...}) = 0
brk(0) = 0x805783c
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40015000
open("/etc/ld.so.preload", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=7885, ...}) = 0
old_mmap(NULL, 7885, PROT_READ, MAP_PRIVATE, 4, 0) = 0x40016000
close(4) = 0
open("/usr/lib/libperl.so.5.6.1", O_RDONLY) = 4
read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\260\220"..., 1024) = 1024
fstat(4, {st_mode=S_IFREG|0755, st_size=813712, ...}) = 0
old_mmap(NULL, 819064, PROT_READ|PROT_EXEC, MAP_PRIVATE, 4, 0) = 0x40018000
mprotect(0x400d6000, 40824, PROT_NONE) = 0
old_mmap(0x400d6000, 40960, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 4, 0xbd000) = 0x400d6000
close(4) = 0
open("/lib/libnsl.so.1", O_RDONLY) = 4
read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300A\0"..., 1024) = 1024
fstat(4, {st_mode=S_IFREG|0755, st_size=75284, ...}) = 0
old_mmap(NULL, 86684, PROT_READ|PROT_EXEC, MAP_PRIVATE, 4, 0) = 0x400e0000
mprotect(0x400f2000, 12956, PROT_NONE) = 0
old_mmap(0x400f2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 4, 0x11000) = 0x400f2000
old_mmap(0x400f4000, 4764, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x400f4000
close(4) = 0
open("/lib/libdl.so.2", O_RDONLY) = 4
read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\330\34"..., 1024) = 1024
fstat(4, {st_mode=S_IFREG|0755, st_size=9508, ...}) = 0
old_mmap(NULL, 12388, PROT_READ|PROT_EXEC, MAP_PRIVATE, 4, 0) = 0x400f6000
mprotect(0x400f8000, 4196, PROT_NONE) = 0
old_mmap(0x400f8000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 4, 0x1000) = 0x400f8000
close(4) = 0
open("/lib/libm.so.6", O_RDONLY) = 4
read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\0I\0\000"..., 1024) = 1024
fstat(4, {st_mode=S_IFREG|0755, st_size=136864, ...}) = 0
old_mmap(NULL, 139380, PROT_READ|PROT_EXEC, MAP_PRIVATE, 4, 0) = 0x400fa000
mprotect(0x4011b000, 4212, PROT_NONE) = 0
old_mmap(0x4011b000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 4, 0x20000) = 0x4011b000
close(4) = 0
open("/lib/libc.so.6", O_RDONLY) = 4
read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\10\333"..., 1024) = 1024
fstat(4, {st_mode=S_IFREG|0755, st_size=1198916, ...}) = 0
old_mmap(NULL, 1215040, PROT_READ|PROT_EXEC, MAP_PRIVATE, 4, 0) = 0x4011d000
mprotect(0x4023b000, 43584, PROT_NONE) = 0
old_mmap(0x4023b000, 28672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 4, 0x11d000) = 0x4023b000
old_mmap(0x40242000, 14912, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40242000
close(4) = 0
open("/lib/libcrypt.so.1", O_RDONLY) = 4
read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\0\23\0"..., 1024) = 1024
fstat(4, {st_mode=S_IFREG|0755, st_size=33544, ...}) = 0
old_mmap(NULL, 196764, PROT_READ|PROT_EXEC, MAP_PRIVATE, 4, 0) = 0x40246000
mprotect(0x4024e000, 163996, PROT_NONE) = 0
old_mmap(0x4024e000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 4, 0x7000) = 0x4024e000
old_mmap(0x4024f000, 159900, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4024f000
close(4) = 0
open("/lib/libutil.so.1", O_RDONLY) = 4
read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\260\16"..., 1024) = 1024
fstat(4, {st_mode=S_IFREG|0755, st_size=7752, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40277000
old_mmap(NULL, 10604, PROT_READ|PROT_EXEC, MAP_PRIVATE, 4, 0) = 0x40278000
mprotect(0x4027a000, 2412, PROT_NONE) = 0
old_mmap(0x4027a000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 4, 0x1000) = 0x4027a000
close(4) = 0
munmap(0x40016000, 7885) = 0
brk(0) = 0x805783c
brk(0x805785c) = 0x805785c
brk(0x8058000) = 0x8058000
brk(0x8059000) = 0x8059000
brk(0x805a000) = 0x805a000
brk(0x805c000) = 0x805c000
getuid() = 0
geteuid() = 0
getgid() = 0
getegid() = 0
time([1027343527]) = 1027343527
rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0
brk(0x805e000) = 0x805e000
stat("/usr/lib/perl5/site_perl/5.6.0", 0xbffffa0c) = -1 ENOENT (No such file or directory)
stat("/usr/lib/perl5/site_perl/5.005", 0xbffffa0c) = -1 ENOENT (No such file or directory)
open("/home/httpd/cgi-bin/neomail.pl", O_RDONLY) = 4
fcntl(4, F_SETFD, FD_CLOEXEC) = 0
fstat(4, {st_mode=S_IFREG|S_ISUID|0755, st_size=120444, ...}) = 0
setreuid(0, 0) = 0
getuid() = 0
geteuid() = 0
stat("/home/httpd/cgi-bin/neomail.pl", {st_mode=S_IFREG|S_ISUID|0755, st_size=120444, ...}) = 0
fstatfs(4, {f_type="EXT2_SUPER_MAGIC", f_bsize=1024, f_blocks=8766045, f_bfree=7362817, f_files=1114112, f_ffree=1110207, f_namelen=255}) = 0
fstat(4, {st_mode=S_IFREG|S_ISUID|0755, st_size=120444, ...}) = 0
brk(0x805f000) = 0x805f000
open("/proc/mounts", O_RDONLY) = 6
fstat(6, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40016000
read(6, "/dev/root / ext3 rw 0 0\n/proc /p"..., 4096) = 206
stat("/", {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0
stat("/proc", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
stat("/usr", {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0
stat("/var", {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0
stat("/home", {st_mode=S_IFDIR|0755, st_size=1024, ...}) = 0
close(6) = 0
munmap(0x40016000, 4096) = 0
write(2, "Permission denied.\n", 19Permission denied.
) = 19
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
_exit(2) = ?
--
Pepe
Więcej informacji o liście dyskusyjnej pld-users-pl